[CTF(x) 2016 : WEB] north korea – 50 pts Writeup

Standard

Description:
What is North Korea hiding?
http://problems.ctfx.io:7002/

Entering the URL I faced with only a sentence:
“We, the Democratic People’s Republic of Korea, have developed a revolutionary new security standard. The West doesn’t stand a chance.”

That’s all? I took a look at the source code (ctrl+u) to see if something is hiding, and indeed I saw a hidden button and a simple script:

<button hidden type="button">Retrieve nuclear codes</button>
<span></span>
<script type="text/javascript">
$(function() {
	$("button").click(function() {
		$.get('code', function(code) {
			$('span').text(code);
		});
	});
});
</script>

I clicked the button and it gave me the content of “http://problems.ctfx.io:7002/code” which was a message: “Nice try kiddo”.
Well, I took a look again at the first message: “…The West doesn’t stand a chance.”. What about the north? What if i”ll set the X-Forwarded-For to North Korea’s IP? X-Forwarded-For is the conventional way of identifying the originating IP address of the user connecting to the web server coming from either a HTTP proxy, load balancer.

Curl --header 'X-Forwarded-For: 175.45.176.0' -i http://problems.ctfx.io:7002/code -k -L

And the response came with the flag:
ctf(jk_we_aint_got_n0_nuk35)

megabeets_inline_logoEat Veggies.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *